| #101 | Wordfence Security – Firewall, Malware Scan, and Login Security | 21 | 1,592 | 2,973 | 5m+ | | | Output is not escaped |
| #102 | WP Compress – Instant Performance & Speed Optimization | 21 | 3,349 | 3,218 | 10k+ | | | Non Singular String Literal Domain |
| #103 | WP-Lister Lite for eBay | 21 | 6,697 | 5,129 | 2k+ | | | Output is not escaped |
| #104 | WP phpMyAdmin | 21 | 4,528 | 6,435 | 50k+ | | | Missing Arg Domain |
| #105 | wpDataTables – WordPress Data Table, Dynamic Tables & Table Charts Plugin | 21 | 1,811 | 1,432 | 70k+ | | | Output is not escaped |
| #106 | WebTotem Security | 21 | 1,110 | 213 | 900 | | | Text Domain Mismatch |
| #107 | 12 Step Meeting List | 22 | 156 | 593 | 900 | | | Non-prefixed global variable |
| #108 | Ajax Load More – Infinite Scroll, Load More, & Lazy Load | 22 | 641 | 595 | 40k+ | | | Unsafe printing function |
| #109 | All-in-One Video Gallery | 22 | 911 | 2,892 | 20k+ | | | Non-prefixed global variable |
| #110 | Shortcodes and extra features for Phlox theme | 22 | 413 | 426 | 90k+ | | | Output is not escaped |
| #111 | ANAC XML Bandi di Gara | 22 | 294 | 244 | 600 | | | Output is not escaped |
| #112 | Backup Bolt | 22 | 580 | 1,313 | 900 | | | Non-prefixed global variable |
| #113 | Borderless – Addons and Templates for Elementor | 22 | 438 | 1,388 | 5k+ | | | Non-prefixed global variable |
| #114 | Better Messages – Chat Rooms, Group Chat, Private Messages & AI Chat Bots | 22 | 1,607 | 2,018 | 10k+ | | | Direct Query |
| #115 | Better WordPress Minify | 22 | 412 | 484 | 8k+ | | | Non Singular String Literal Domain |
| #116 | Clearfy Cache – WordPress optimization plugin, Minify HTML, CSS & JS, Defer | 22 | 2,858 | 1,270 | 50k+ | | | Text Domain Mismatch |
| #117 | Code Profiler – WordPress Performance Profiling and Debugging Made Easy | 22 | 265 | 400 | 8k+ | | | Non-prefixed global variable |
| #118 | Accept PayPal Payments using Contact Form 7 | 22 | 359 | 127 | 600 | | | Text Domain Mismatch |
| #119 | RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login | 22 | 3,654 | 5,061 | 8k+ | | | Non-prefixed global variable |
| #120 | WP Customer Area | 22 | 3,308 | 941 | 10k+ | | | Text Domain Mismatch |
| #121 | Database Access with Adminer | 22 | 983 | 2,553 | 1k+ | | | Non-prefixed global variable |
| #122 | Directorist: AI-Powered Business Directory, Listings & Classified Ads | 22 | 443 | 2,129 | 20k+ | | | Non-prefixed global variable |
| #123 | Download Manager | 22 | 2,290 | 1,301 | 100k+ | | | Output is not escaped |
| #124 | Dynamic QR Code – generator | 22 | 238 | 208 | 6k+ | | | Missing direct file access protection |
| #125 | E2Pdf – Export Pdf Tool for WordPress | 22 | 1,075 | 836 | 10k+ | | | Unsafe printing function |
| #126 | easyReservations | 22 | 5,307 | 2,480 | 800 | | | Text Domain Mismatch |
| #127 | Events Manager – Calendar, Bookings, Tickets, and more! | 22 | 4,722 | 5,621 | 70k+ | | | Output is not escaped |
| #128 | File Manager Pro – Filester | 22 | 565 | 391 | 100k+ | | | Request data is not unslashed |
| #129 | Finale Lite – Sales Countdown Timer & Discount for WooCommerce | 22 | 1,031 | 451 | 4k+ | | | Output is not escaped |
| #130 | FireBox Popups – Increase Sales and Grow Your Email List | 22 | 153 | 812 | 7k+ | | | Non-prefixed global variable |
| #131 | Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder | 22 | 409 | 236 | 700k+ | | | Text Domain Mismatch |
| #132 | Five Star Restaurant Menu and Food Ordering | 22 | 752 | 609 | 5k+ | | | Output is not escaped |
| #133 | FunnelKit Payment Gateway for Stripe WooCommerce | 22 | 244 | 321 | 20k+ | | | Input is not sanitized |
| #134 | GeoDirectory – WP Business Directory Plugin and Classified Listings Directory | 22 | 4,466 | 3,972 | 10k+ | | | Output is not escaped |
| #135 | Anti-Malware Security and Brute-Force Firewall | 22 | 544 | 965 | 100k+ | | | Output is not escaped |
| #136 | Happyforms – Form Builder for WordPress: Drag & Drop Contact Forms, Surveys, Payments & Multipurpose Forms | 22 | 1,037 | 722 | 20k+ | | | Unsafe printing function |
| #137 | Hesabfa Accounting | 22 | 467 | 718 | 400 | | | Text Domain Mismatch |
| #138 | Heureka | 22 | 557 | 254 | 400 | | | Exception output is not escaped |
| #139 | Csomagpontok és Címkék WooCommerce-hez | 22 | 2,001 | 769 | 7k+ | | | Text Domain Mismatch |
| #140 | Insert or Embed Articulate Content into WordPress | 22 | 659 | 1,437 | 2k+ | | | Non-prefixed global variable |
| #141 | Számlázz.hu integráció WooCommerce-hez | 22 | 1,169 | 460 | 7k+ | | | Text Domain Mismatch |
| #142 | InfiniteWP Client | 22 | 2,286 | 1,812 | 200k+ | | | Exception output is not escaped |
| #143 | Import WP – Export and Import CSV and XML files to WordPress | 22 | 580 | 330 | 4k+ | | | Exception output is not escaped |
| #144 | Jim Soft Swiss QR Invoice | 22 | 263 | 392 | 400 | | | Non-prefixed global variable |
| #145 | LearnPress – WordPress LMS Plugin for Create and Sell Online Courses | 22 | 2,346 | 3,341 | 70k+ | | | Non-prefixed global variable |
| #146 | Mail Baby SMTP | 22 | 385 | 699 | 600 | | | SQL query is not prepared |
| #147 | MailOptin – Popup, Optin Forms & Email Newsletters for Mailchimp, HubSpot, AWeber Etc. | 22 | 2,619 | 2,453 | 10k+ | | | Output is not escaped |
| #148 | Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider | 22 | 207 | 323 | 500k+ | | | Non-prefixed global variable |
| #149 | Moloni | 22 | 902 | 356 | 2k+ | | | Missing Arg Domain |
| #150 | Motors – Car Dealership & Classified Listings Plugin | 22 | 5,340 | 5,958 | 9k+ | | | Text Domain Mismatch |
